What Is Hyperlight and How Does It Revolutionize VM Management?

Virtualization has long been a cornerstone of modern computing, with giants like Hyper-V, VMware, and KVM dominating the landscape. Over the years, these platforms have focused on delivering robust features, primarily through supporting new chipset instructions and fixing bugs. However, the virtualization landscape is undergoing significant changes, driven by the increasing adoption of virtual machines (VMs) and containers as core components of contemporary operating systems and platforms. As a result, there has been a profound need to rethink how virtualization technologies can adapt to the evolving requirements of cloud-native and serverless computing paradigms.

The Evolution of Virtualization

The evolution of virtualization began taking distinct turns as operating systems started integrating virtual machines and containers more fundamentally. One prominent driver of this change was the incorporation of virtualization-based security in Windows, most notably via Hyper-V’s Krypton features. These features seamlessly integrated platforms and virtual machines to enhance user security without any perceptible performance degradation. Additionally, advanced tools like OpenHCL provided frameworks for building virtualization-based trusted execution environments, bolstering overall security.

As cloud-native and serverless computing gained traction, the role of virtual machines evolved accordingly. In these new computing paradigms, the ability to rapidly launch code to meet demand and scale down to zero when not needed is critical for achieving economic efficiency in data centers. This shift highlighted the need for fast, lightweight virtualization to optimize the launch of small functional elements—ensuring users experience minimal latency and seamless performance.

Introducing Hyperlight

Responding to these emerging needs, Microsoft introduced Hyperlight, a Rust-based, functions-focused minimal VM manager, in 2023. Hyperlight, announced by Azure CTO Mark Russinovich, eliminates the need for a guest operating system within a virtual machine. Instead, it directly exposes a virtual CPU and I/O to guest applications, a minimalist approach that lets statically linked binaries boot and execute quickly.

Hyperlight has evolved into a public project available on GitHub, albeit still experimental in nature. This evolution opens new avenues for developers to explore minimal VMs and write code tailored for such environments. It’s particularly advantageous for event-driven applications that require rapid scaling. The potential applications extend beyond functions as a service (FaaS) to include microservices within Kubernetes environments managed by Kubernetes Event-Driven Autoscaling (KEDA) and portable edge IoT code.

Benefits and Applications of Hyperlight

Integrating Hyperlight into Azure’s ecosystem could yield substantial benefits, especially in scenarios where latency and density are critical. For instance, running Hyperlight on Cobalt Arm hardware could harness Azure’s new low-power compute capabilities while enabling quick responses to data notifications from diverse sources via Drasi workloads. This fast, efficient, and low-latency virtual machine manager opens up new possibilities for developers aiming to optimize their cloud-native applications.

Using Hyperlight for FaaS requires specific considerations. Code running on the Hyperlight virtual CPU must be compiled with specialized libraries that are statically linked during the compilation process. Currently, this compilation is supported in C, with plans to extend support to Rust in the future. Developers can also build a WebAssembly (Wasm) runtime once and use it to execute arbitrary code written in higher-level languages and compiled to the WebAssembly instruction set. This approach supports any language with a Wasm compiler, including .NET languages like C#.

Technical Aspects of Hyperlight

Hyperlight offers basic infrastructure for thinly provisioned VMs by setting up necessary memory structures through host OS hypervisor APIs, enabling the virtual CPU and its registers, and executing pre-configured applications at specific instruction pointers. This setup is optimized to run one process per VM, with the application and VM bundled together to facilitate minimal cold start times.

In contrast to traditional VM managers, Hyperlight is optimized for fast cold starts, drastically reducing launch times from hundreds of milliseconds to a mere couple of milliseconds. This remarkable speed enhancement enables Azure to scale FaaS more efficiently, allowing it to shut down functions entirely when not in use and ensuring active functions are engaged in computing rather than idling.

Developing with Hyperlight

Hyperlight can be invoked programmatically, and Microsoft provides sample code in Rust to help developers get started. Creating a Hyperlight sandbox and loading code into it can be done with minimal lines of code. Developers also have the option of creating VM snapshots post-creation to expedite the launch of future instances.

Once a VM is running, developers can use Hyperlight’s Rust libraries to directly call VM-hosted functions. Host code must run in a loop until the VM function halts successfully or fails. Upon success or failure, the host either returns the result or logs an error message. Here, Rust’s memory-safe properties are particularly beneficial, reducing risks of memory leaks and buffer overflows—crucial considerations in cloud-native environments with transient function instances.

Security Considerations

Building a guest binary for Hyperlight requires the Hyperlight library, available in both C and Rust. Guest code must include a specific entry point designed to trap calls to unregistered host functions.

Security remains a paramount concern in building Hyperlight hosts. Microsoft’s guidelines underscore the importance of imposing restrictions on hosts, such as refraining from file creation or manipulation, network resource access, or encryption operations. These restrictions are essential to prevent malicious actors from exploiting state or services, especially in scenarios where hosts may load functions from multiple owners.
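The host loop and the trap on unregistered host functions described above can be sketched as a small model. This is an added example, not Microsoft's sample code and not Hyperlight's API: the `Exit`, `Host`, `to_upper` and `guest_calling` names are hypothetical, the guest is a constructed closure rather than a real VM, and the registration check is placed in the host's dispatch loop for illustration.

```rust
use std::collections::HashMap;

// Constructed model of guest exits; these names are NOT Hyperlight's API.
enum Exit {
    HostCall { name: String, arg: String }, // guest asks the host to run a function
    Halt(String),                           // guest finished and returns a result
}
type HostFn = fn(&str) -> String;

struct Host {
    registered: HashMap<&'static str, HostFn>, // explicit allowlist of host functions
    max_exits: usize,                          // budget so a guest cannot spin the host forever
}

impl Host {
    fn new(max_exits: usize) -> Self { Host { registered: HashMap::new(), max_exits } }
    fn register(&mut self, name: &'static str, f: HostFn) { self.registered.insert(name, f); }
    // Drive the guest until it halts (Ok) or fails (Err).
    fn run(&self, guest: &mut dyn FnMut(Option<String>) -> Exit) -> Result<String, String> {
        let mut reply: Option<String> = None;
        for _ in 0..self.max_exits {
            match guest(reply.take()) {
                Exit::Halt(result) => return Ok(result),
                Exit::HostCall { name, arg } => match self.registered.get(name.as_str()) {
                    Some(f) => reply = Some(f(arg.as_str())),
                    // Anything not registered is a failure, never a fallback.
                    None => return Err(format!("unregistered host function: {}", name)),
                },
            }
        }
        Err("exit budget exhausted".to_string())
    }
}

// Pure host function: touches no files, network or keys.
fn to_upper(s: &str) -> String { s.to_uppercase() }
// Constructed guest: calls one host function, then halts with the reply.
fn guest_calling(name: &'static str) -> impl FnMut(Option<String>) -> Exit {
    move |reply| match reply {
        None => Exit::HostCall { name: name.to_string(), arg: "hyperlight".to_string() },
        Some(r) => Exit::Halt(r),
    }
}

fn main() {
    let mut host = Host::new(8);
    host.register("to_upper", to_upper);
    println!("{:?}", host.run(&mut guest_calling("to_upper")));
    println!("{:?}", host.run(&mut guest_calling("open_file")));
}
```

Keeping the registered set small and side-effect free is what makes the allowlist meaningful when one host loads functions from several owners.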

Impact on Cloud Economics

The virtualization landscape is facing significant shifts. The increasing integration of virtual machines (VMs) and containers into contemporary operating systems and platforms is a key driver of these changes. This evolution spurs a critical need to rethink and adapt virtualization technologies to meet the demands of cloud-native and serverless computing paradigms. These paradigms require a more flexible and scalable approach, pushing the industry’s giants to innovate and optimize their virtualization solutions. As they do so, the focus is shifting toward enhancing performance, improving resource allocation, and ensuring seamless integration with modern computing environments. Consequently, the future of virtualization will likely see more breakthroughs that cater to the dynamic needs of today’s cloud services and serverless architectures.
